Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers.
The computer maker began emailing data breach notifications to customers yesterday, stating that a Dell portal containing customer information related to purchases was breached.
“We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell,” reads a Dell data breach notification shared with BleepingComputer.
As first reported by Daily Dark Web, a threat actor named Menelik attempted to sell a Dell database on the Breach Forums hacking forum on April 28th. The threat actor said they stole data from the computer maker for “49 million customer and other information systems purchased from Dell between 2017-2024.”.
While BleepingComputer has not been able to confirm if this is the same data that Dell disclosed, it matches the information listed in the data breach notification.
Dell does not “Believe there is significant risk to our customers given the type of information involved,” yet the stolen information could potentially be used in targeted attacks against Dell customers.